npm has recently limited the lifetime of all access tokens to 90 days (https://gh.io/npm-token-changes), so it would be a bit inconvenient to stick to our current access token-based method of publishing releases. Meanwhile npm has implemented a more secure publishing method based on OIDC in which you tell the registry that a particular GitHub Actions workflow should be a "trusted publisher" for a given package, and then the CLI will authenticate automatically. (https://docs.npmjs.com/trusted-publishers)
I've already set trusted publishing up on the registry side, and since we're already granting the job permission to generate ID tokens for provenance, there should be no additional lines of config needed to make it work. Let's take away the access token and see how this goes next time we release.
* Stop reading deprecated config options
* add PR-Breaking-Change as one of the possible PR- prefix labels
Signed-off-by: Timo K <toger5@hotmail.de>
---------
Signed-off-by: Timo K <toger5@hotmail.de>
* Build Docker image on slim base
* Run Playwright tests against Docker container
For Playwright end-to-end tests in CI, instead of running a development
webserver with `yarn dev`, build and deploy a Docker container for
Element Call and use that as the webserver to test against.
* Shut down playwright webserver gracefully
When using a containerized webserver, this stops the container once
tests finish.
* Increase Playwright timeout in CI
---------
Co-authored-by: fkwp <github-fkwp@w4ve.de>
Because we're now requiring the 'Prevent blocked' check to pass before merging a PR, GitHub Actions now expects it to be associated with the latest Git ref of the PR's branch whenever the branch is updated. Therefore we need to re-run the workflow on the 'synchronize' event.
* Refactor version calculation to use separate step and track version for each platform
* Set tag for NPM and SNAPSHOT for AAR appropriately
* Log output versions for each platform
* Fix tarball name
* Just use npm tag of `latest` or `other`
* Attempt to fix AAR snapshot publishing
* Expose version string in embedded SwiftPM and AAR
Implements https://github.com/element-hq/element-call/issues/3143
* Fix filename
* Fix location of `Version.kt`
* Use the right path for the sed replacement in the publishing workflow for Android
---------
Co-authored-by: Jorge Martín <jorgem@element.io>
* Publish embedded package for releases of Element Call
Part of https://github.com/element-hq/element-call/issues/2994
This PR:
- Publishes embedded builds as Tarball, NPM, AAR, SwiftPM for releases
- Publishes full builds as Tarball for releases
- Adds comments to release notes with the built artifact locations
* Update embedded/web/package.json
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
* Update .github/workflows/publish-embedded-packages.yaml
* Update embedded/ios/Package.swift
* Apply suggestions from code review
* Try dry-run of gradlew
* Whitespace
* Fix more instances of unpinned GHA
* Minimise permissions
* Upload release notes once
To reduce concurrency
* Fix npm publish permissions
---------
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
